
install express-sanitizer

Yuki Takei 8 years ago
parent
commit
bc4173e424
3 changed files with 18 additions and 0 deletions
  1. 2 0
      lib/crowi/express-init.js
  2. 1 0
      package.json
  3. 15 0
      yarn.lock

+ 2 - 0
lib/crowi/express-init.js

@@ -9,6 +9,7 @@ module.exports = function(crowi, app) {
     , methodOverride = require('method-override')
     , passport       = require('passport')
     , session        = require('express-session')
+    , sanitizer      = require('express-sanitizer')
     , basicAuth      = require('basic-auth-connect')
     , flash          = require('connect-flash')
     , swig           = require('swig-templates')
@@ -94,6 +95,7 @@ module.exports = function(crowi, app) {
   app.use(methodOverride());
   app.use(bodyParser.urlencoded({ extended: true, limit: '50mb' }));
   app.use(bodyParser.json({limit: '50mb'}));
+  app.use(sanitizer());
   app.use(cookieParser());
   app.use(session(crowi.sessionConfig));
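Review bot: `app.use(sanitizer())` in the second hunk does not clean any request data by itself: express-sanitizer's middleware only attaches a `req.sanitize()` helper, and none of the three changed files calls it, so request bodies still reach the handlers unchanged. Handlers that store or render user-supplied fields have to call it explicitly, e.g. `req.body.comment = req.sanitize(req.body.comment);` (field name constructed for illustration). I would add a comment above the mount line such as `// only adds req.sanitize(); routes must call it on each field they store or render`, so the middleware is not mistaken for global XSS protection. Sanitizing on input also does not replace output escaping in the swig templates. Both hunks sit inside the `module.exports` function, whose body starts and ends outside them.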
 

+ 1 - 0
package.json

@@ -83,6 +83,7 @@
     "express": "^4.16.1",
     "express-form": "~0.12.0",
     "express-pino-logger": "^3.0.1",
+    "express-sanitizer": "^1.0.4",
     "express-session": "~1.15.0",
     "express-webpack-assets": "^0.1.0",
     "extract-text-webpack-plugin": "^3.0.2",
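Review bot: The new `express-sanitizer` entry pulls in two exact-pinned transitive packages, `sanitizer` 0.1.3 and `underscore` 1.8.3 (visible in the yarn.lock section), so the caret range on this line cannot pick up fixes for either of them. Because this package is meant to be part of the XSS defence, it is worth running the project's dependency audit on the resulting tree and tracking these two versions explicitly. No change to the line itself is proposed.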

+ 15 - 0
yarn.lock

@@ -2694,6 +2694,13 @@ express-pino-logger@^3.0.1:
   dependencies:
     pino-http "^3.0.1"
 
+express-sanitizer@^1.0.4:
+  version "1.0.4"
+  resolved "https://registry.yarnpkg.com/express-sanitizer/-/express-sanitizer-1.0.4.tgz#5331a12de6577582901a6581e91e38a8b99a6ee2"
+  dependencies:
+    sanitizer "0.1.3"
+    underscore "1.8.3"
+
 express-session@~1.15.0:
   version "1.15.6"
   resolved "https://registry.yarnpkg.com/express-session/-/express-session-1.15.6.tgz#47b4160c88f42ab70fe8a508e31cbff76757ab0a"
@@ -6498,6 +6505,10 @@ samsam@1.3.0, samsam@1.x:
   version "1.3.0"
   resolved "https://registry.yarnpkg.com/samsam/-/samsam-1.3.0.tgz#8d1d9350e25622da30de3e44ba692b5221ab7c50"
 
+sanitizer@0.1.3:
+  version "0.1.3"
+  resolved "https://registry.yarnpkg.com/sanitizer/-/sanitizer-0.1.3.tgz#d4f0af7475d9a7baf2a9e5a611718baa178a39e1"
+
 sass-graph@^2.2.4:
   version "2.2.4"
   resolved "https://registry.yarnpkg.com/sass-graph/-/sass-graph-2.2.4.tgz#13fbd63cd1caf0908b9fd93476ad43a51d1e0b49"
@@ -7308,6 +7319,10 @@ uncontrollable@^4.1.0:
   dependencies:
     invariant "^2.1.0"
 
+underscore@1.8.3:
+  version "1.8.3"
+  resolved "https://registry.yarnpkg.com/underscore/-/underscore-1.8.3.tgz#4f3fb53b106e6097fcf9cb4109f2a5e9bdfa5022"
+
 uniq@^1.0.1:
   version "1.0.1"
   resolved "https://registry.yarnpkg.com/uniq/-/uniq-1.0.1.tgz#b31c5ae8254844a3a8281541ce2b04b865a734ff"